
RE: An alternative to 6to4 and teredo



>> That's not all.  6to4/Teredo offer an automatic configuration using
>> anycast addresses.  Much easier than trying to figure out the closest
>> tunnel broker, configuring to use that etc.
>
> If somebody wants to provide a good tunnel broker service they can
> automate this without any changes in the clients. Just have multiple tunnel
> servers at different places in the topology and have the tunnel broker
> measure or estimate the location of the client before handing it
> off to a tunnel server.

Even if you solved the set up issue, there would still be the matter of cost. Tunnel brokers are only "cost neutral" if they are provided by the user's ISP. On the other hand, if the tunnel broker has to be accessed over the Internet, then there is a direct bandwidth cost: the tunnel broker essentially becomes a secondary ISP. The cost may not be quite as large as the primary ISP, as there is less equipment involved, but it is of the same order of magnitude -- maybe 1/4th of the price of a regular subscription. You are unlikely to finance that kind of cost with advertisements alone.
 
Rather than opposing tunnel brokers and automatic solutions, we should consider them complementary. Something like, use autoconfiguration by default, switch to a provisioned tunnel if one is available. In the case of 6to4, this essentially boils down to replacing the default "anycast" route by the specific address of a configured (or brokered) relay. In the case of Teredo, this requires provisioning a "configured" mode.
 
I actually debated this "configured Teredo" option with Keith Moore last year. You have to solve a basic security issue: a configured option requires some way to assert and prove the client's identity, so the client can retain a stable IPv6 address even if the NAT mappings happen to change. At the time, we could not agree on a simple security procedure, but since draft 08, Teredo's initialization process actually includes a sign-on procedure. It would be fairly easy to program clients to go to a Teredo server and receive either a Teredo prefix or a stable prefix; in the latter case, the client would simply switch to tunnel mode. This would allow both the "free server" model of the current design, and a "configured server" model when the local ISP is willing to support it.
 
-- Christian Huitema
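The following is an added example, not part of the thread and not code from either author. It illustrates two points made above: the 6to4 relay choice ("use the anycast route by default, switch to a configured or brokered relay if one is available") and why a Teredo address is tied to the NAT mapping, which is what the "configured Teredo" mode with a server-assigned stable prefix avoids. The address layouts follow RFC 3056/3068 (6to4) and RFC 4380 (Teredo), which were published after the draft discussed here; the 6to4 anycast relay address 192.88.99.1 is the well-known value from RFC 3068 rather than something stated in the message, and every other IP address, port and prefix below is a constructed sample value.

```python
"""Added example (not from the thread): 6to4 and Teredo address derivation,
relay selection, and the difference between a NAT-dependent Teredo address
and a provisioned stable prefix.  All addresses here are constructed samples."""
import ipaddress
import struct

# Well-known 6to4 anycast relay (RFC 3068); an assumption, not stated in the thread.
SIXTO4_ANYCAST_RELAY = ipaddress.IPv4Address("192.88.99.1")
TEREDO_PREFIX = 0x20010000      # 2001:0000::/32 (RFC 4380)
TEREDO_CONE_FLAG = 0x8000       # "cone NAT" bit in the 16-bit flags field


def sixto4_prefix(public_v4):
    """Return 2002:WWXX:YYZZ::/48, where WWXX:YYZZ is the host's public IPv4."""
    v4 = int(ipaddress.IPv4Address(public_v4))
    return ipaddress.IPv6Network(((0x2002 << 112) | (v4 << 80), 48))


def choose_6to4_relay(configured_relay=None):
    """Prefer a provisioned or brokered relay; fall back to the anycast relay
    only when none is configured (the policy described in the message)."""
    if configured_relay is not None:
        return ipaddress.IPv4Address(configured_relay)
    return SIXTO4_ANYCAST_RELAY


def teredo_address(server_v4, mapped_v4, mapped_port, cone=False):
    """Build a Teredo address: prefix | server IPv4 | flags | ~port | ~mapped IPv4.
    The mapped port and address are the NAT's external mapping, so the address
    changes whenever that mapping changes."""
    flags = TEREDO_CONE_FLAG if cone else 0
    packed = struct.pack(
        "!IIHHI",
        TEREDO_PREFIX,
        int(ipaddress.IPv4Address(server_v4)),
        flags,
        mapped_port ^ 0xFFFF,                                 # port stored inverted
        int(ipaddress.IPv4Address(mapped_v4)) ^ 0xFFFFFFFF,   # address stored inverted
    )
    return ipaddress.IPv6Address(packed)


def parse_teredo(addr):
    """Recover (server, cone, mapped_port, mapped_v4) from a Teredo address."""
    prefix, server, flags, obf_port, obf_v4 = struct.unpack(
        "!IIHHI", ipaddress.IPv6Address(addr).packed)
    if prefix != TEREDO_PREFIX:
        raise ValueError("not a Teredo address")
    return (ipaddress.IPv4Address(server), bool(flags & TEREDO_CONE_FLAG),
            obf_port ^ 0xFFFF, ipaddress.IPv4Address(obf_v4 ^ 0xFFFFFFFF))


def stable_address(provisioned_prefix, interface_id):
    """Address a client keeps in "configured" mode: the /64 is handed out by the
    server after sign-on and does not encode the NAT mapping at all."""
    net = ipaddress.IPv6Network(provisioned_prefix)
    if net.prefixlen != 64:
        raise ValueError("expected a /64 prefix")
    iid = interface_id & ((1 << 64) - 1)
    return ipaddress.IPv6Address(int(net.network_address) | iid)


def demo():
    """Show a NAT rebind changing the Teredo address but not the stable one."""
    server, client = "192.0.2.1", "198.51.100.25"   # constructed sample values
    before = teredo_address(server, client, 40000)
    after = teredo_address(server, client, 40001)     # NAT rebinds to a new port
    stable_before = stable_address("2001:db8:1:2::/64", 0x1)
    stable_after = stable_address("2001:db8:1:2::/64", 0x1)
    return {
        "teredo_before": str(before),
        "teredo_after": str(after),
        "teredo_changes_with_nat": before != after,
        "stable_unchanged": stable_before == stable_after,
        "relay_default": str(choose_6to4_relay()),
        "relay_configured": str(choose_6to4_relay("203.0.113.9")),
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

The `demo()` function ties the two halves together: the Teredo address moves with the NAT's external port, whereas the address built from a server-assigned prefix stays put, which is exactly why the configured mode needs the client to prove its identity at sign-on before the server will keep handing it the same prefix.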